Global Security and Compliance Certifications Specialist

SKILLS AND EXPERIENCE:

• Minimum of 6 years of experience in an equivalent technology risk and compliance related role.
• Ability to organize, prioritize and project manage work in a fast-paced and ambiguous environment.
• Experience and knowledge of cloud infrastructures (AWS, Azure, or GCP)
• Experience with compliance reports, certifications and standards as they relate to Software as a Service, Infrastructure as a Service and Cloud Computing, such as SOC1 (SSAE18), SOC2, ISO, FedRAMP, IRAP, PCI-DSS, HITRUST, NIST CyberSecurity Framework, and other related frameworks.
• Experience with common control framework and GRC software and tools maintenance.
• Experience coordinating, facilitating and managing security and compliance audits; industry-specific regulatory compliance knowledge, a plus.
• Drive program efficiency and high customer satisfaction and cultivate support and consensus across multiple stakeholder groups.
• Excellent oral, written and presentation skills with the capability to articulate technical and operational processes.
• Bachelor’s Degree in computer science, information systems, analytics or related field and CISA, CISSP or other relevant certifications.
• Experience with regulations and compliance requirements in China to support our teams located overseas.
• Business level Mandarin or Cantonese.

RESPONSIBILITIES:

• Own and mature end to end process of compliance audits. Communicate compliance requirements to cross functional teams and own audit evidence validation, documentation, standardization with the goal of driving automation in this end to end process.
• Perform gap analysis/readiness assessments relevant net new certifications
• Interact with the auditors (walkthroughs, explaining controls and evidence, review final report)
• Supply and interpret Snowflake’s reports and certifications. This includes Mandarin/ or Cantonese translation, verbal or written comments/explanations.
• Develop/Support/Consult on whitepapers, blogpost and other artifacts
• Customer audit support (evidence, interaction with customers/auditors), questions/questionnaires, report requests, pentest requests, quarterly security reviews etc.
• Regularly validate control implementation to support product compliance.
• Collaborate regularly with cross functional teams to address requirements.
• Manage compliance projects across multiple teams, including cloud engineering, security and development etc.
• Reporting and communication of project status to service teams, control owners, and senior leadership.